Community Platform
PRO PROGRAM

Shaked Eldor

Interests
  • Application Programming Interface (APIs)
  • Data analytics
  • Digital entrepreneurship
  • Digital innovation
    • more...
This Year
No Points
Total
1113 Points
MIS Badge

Click here
to validate the recipient

Cloud Security: AWS and Azure

Cloud Security: AWS and Azure

Known as two leading public cloud platforms, AWS and Azure offer a broad set of capabilities around flexible compute, storage, networking, and pricing [1]. While Azure is a cloud computing service operated by Microsoft and AWS by Amazon, in practice, they provide similar cloud services such as compute, storage, databases, analytics, networking, and developer tools [2][3]. With this in mind, AWS and Azure must invest in and maintain effective cloud security procedures and technology considering the valuable data and information their data centers store.

Cloud security is a sub-domain of network and computer security, and more broadly information security [4]. Simply, cloud security involves the protection of cloud-based data, information, applications, and infrastructure from external and insider cybersecurity threats [5]. Reflecting on businesses, educational institutions, and governments’ dependability on cloud computing, it is critical for AWS and Azure cloud platforms to implement productive cloud security practices to keep data in the cloud secure from current and potential threats. To that end, AWS and Azure provide the following services and practices: (1) Data Protection – implementing data protection services that provide encryption including encryption at rest (i.e., encrypting data that is housed physically on the computer (e.g., hard drive) such as Amazon EBS, Amazon S3, Amazon RDS and Azure’s Transparent Data Encryption (TDE)), encryption in flight (i.e., encrypting data before transmission such as TLS), and key management [6] [7]; (2) Threat detection and continuous monitoring – identifying threats by continuously monitoring the network activity and users’ account behavior; (3) Identity & access management – managing user identities and their access to resources and infrastructures in the cloud; (4) Network security – protecting resources form unauthorized access or attack by ensuring that only legitimate and authorized traffic is allowed. [8] [9]

In regards to our MIS 3406 course, throughout the semester we used AWS services to implement the following: (1) Virtual Private Cloud, (2) subnets, (3) instances, and (4) RDS databases. Specifically, in our semester-long project, we used AWS services to run our Toll Calculator application. Even though our instances and database in the project didn’t have sensitive information, cloud security is still crucial for AWS to maintain. Preventing data leaks or information theft is critical for maintaining customers’ trust and loyalty [10]. Considering Azure is also a leading public cloud platform, implementing effective cloud security in AWS would attract potential customers and contribute to Amazon’s competitive advantage [10].

In addition, completing our Toll Calculator project and certain In-class exercises, we used an AWS service that provides security in the cloud: Auto Scaling. Simply, AWS Auto Scaling is a cloud computing service that enables cloud services such as virtual machines (EC2) to be scaled up or down, depending on various factors such as their utilization levels. In relation to cloud security, ideally, if an instance is hacked, its auto-scaling group could simply terminate the infected instance and generate an identical one. With this in mind, auto-scaling could be very beneficial against Distributed Denial of Service (DDoS) [11]. In the case of a cyber-attack, rather than experiencing a total denial of service, the victim would only suffer from economic damage incurred by paying for the AWS auto-scaling [11] because auto-scaling would allow their business operations to continue without interruptions.

 

References

[1] AWS to Azure Services Comparison – Azure Architecture Center. Azure Architecture Center | Microsoft Docs, https://docs.microsoft.com/en-us/azure/architecture/aws-professional/services

[2] The Products. Amazon, https://aws.amazon.com/products/

[3] Azure Services Overview. Azure Charts – Your Cloud Radar, https://azurecharts.com/overview

[4] Cloud Computing Security. Wikipedia, Wikimedia Foundation, https://en.wikipedia.org/wiki/Cloud_computing_security

[5] What Is Cloud Security? How to Secure the Cloud. McAfee, https://www.mcafee.com/enterprise/en-us/security-awareness/cloud.html

[6] Transparent Data Encryption (TDE). SQL Server | Microsoft Docs, https://docs.microsoft.com/en-us/sql/relational-databases/security/encryption/transparent-data-encryption?view=sql-server-ver15

[7] Protecting Data Using Encryption. aws | Amazon, https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingEncryption.html

[8] Security, Identity, and Compliance on AWS | Amazon, https://aws.amazon.com/products/security

[9] Brown, Amanda. What Is Azure Security? | DataInsider, Digital Guardian, 17 Aug. 2020, https://digitalguardian.com/blog/what-azure-security

[10] What Is Cloud SecurityBox, https://www.box.com/resources/what-is-cloud-security

[11] Bremler-Barr, Anat, et al. DDoS Attack on Cloud Auto-Scaling Mechanisms. http://www.deepness-lab.org/pubs/infocom17_ddos.pdf 

 

Skip to toolbar